Wednesday, 2016-03-30

*** harlowja has quit IRC		00:05
*** minwang2 has quit IRC		00:10
*** ajmiller has quit IRC		00:12
*** SumitNaiksatam has quit IRC		00:19
*** fawadkhaliq has quit IRC		00:20
*** fawadkhaliq has joined #openstack-lbaas		00:20
*** fawadkhaliq has quit IRC		00:24
*** harlowja has joined #openstack-lbaas		00:54
*** kevo has quit IRC		00:54
*** mixos has joined #openstack-lbaas		01:07
*** raginbajin has quit IRC		01:30
*** krotscheck_dcm has quit IRC		01:31
*** raginbajin has joined #openstack-lbaas		01:31
*** krotscheck has joined #openstack-lbaas		01:33
*** fnaval has quit IRC		01:39
*** cody-somerville has quit IRC		01:43
*** jaff_cheng has joined #openstack-lbaas		01:47
*** cody-somerville has joined #openstack-lbaas		02:01
*** cody-somerville has quit IRC		02:01
*** cody-somerville has joined #openstack-lbaas		02:01
*** kevo has joined #openstack-lbaas		02:05
*** Purandar has quit IRC		02:15
*** Purandar has joined #openstack-lbaas		02:28
*** fnaval has joined #openstack-lbaas		02:39
*** fnaval has quit IRC		02:44
*** bana_k has quit IRC		02:45
*** yuanying has quit IRC		03:22
*** prabampm has joined #openstack-lbaas		03:29
*** links has joined #openstack-lbaas		03:40
*** prabampm1 has joined #openstack-lbaas		03:55
*** prabampm has quit IRC		03:56
*** fawadkhaliq has joined #openstack-lbaas		04:18
*** yuanying has joined #openstack-lbaas		04:24
*** bana_k has joined #openstack-lbaas		04:41
*** diogogmt has joined #openstack-lbaas		04:42
*** bana_k has quit IRC		05:01
*** bana_k has joined #openstack-lbaas		05:17
*** kobis has joined #openstack-lbaas		05:40
*** Alex_Stef has joined #openstack-lbaas		05:44
*** anilvenkata has joined #openstack-lbaas		05:47
*** numans has joined #openstack-lbaas		06:19
*** Purandar has quit IRC		06:26
*** rcernin has joined #openstack-lbaas		06:26
*** kobis has quit IRC		06:37
*** bana_k has quit IRC		06:39
*** fnaval has joined #openstack-lbaas		06:42
*** tesseract has joined #openstack-lbaas		06:45
*** tesseract is now known as Guest23157		06:46
*** fnaval has quit IRC		06:46
*** woodster_ has quit IRC		06:57
*** fawadkhaliq has quit IRC		07:24
*** permalac has joined #openstack-lbaas		07:31
*** jschwarz has joined #openstack-lbaas		07:33
*** eranra has joined #openstack-lbaas		07:34
*** fnaval has joined #openstack-lbaas		07:45
*** fnaval has quit IRC		07:49
*** nmagnezi has joined #openstack-lbaas		07:49
*** mixos has quit IRC		07:50
*** mixos has joined #openstack-lbaas		07:50
*** mixos has quit IRC		07:52
*** ihrachys has joined #openstack-lbaas		08:20
*** dean_ has joined #openstack-lbaas		09:17
kong	so quiet today...	09:18
*** dean__ has joined #openstack-lbaas		09:18
*** dean_ has quit IRC		09:19
*** jaff_cheng has quit IRC		10:48
*** fnaval has joined #openstack-lbaas		10:58
*** fnaval has quit IRC		11:03
*** dean_ has joined #openstack-lbaas		11:04
*** dean__ has quit IRC		11:07
*** eranra_ has joined #openstack-lbaas		11:10
*** eranra has quit IRC		11:13
rm_work	it is early	11:22
rm_work	most people work in CDT/PDT	11:22
rm_work	kong: where are you located?	11:22
*** rtheis has joined #openstack-lbaas		11:26
*** permalac has quit IRC		11:35
*** openstackgerrit has quit IRC		11:47
*** openstackgerrit has joined #openstack-lbaas		11:48
*** dean_ has quit IRC		11:57
*** eranra__ has joined #openstack-lbaas		12:07
*** eranra_ has quit IRC		12:11
*** ducttape_ has joined #openstack-lbaas		12:12
*** numans has quit IRC		12:16
*** numans has joined #openstack-lbaas		12:16
*** dean_ has joined #openstack-lbaas		12:29
*** ducttape_ has quit IRC		12:32
*** ducttape_ has joined #openstack-lbaas		12:32
*** openstackgerrit has quit IRC		12:33
*** openstackgerrit has joined #openstack-lbaas		12:33
*** diogogmt has quit IRC		12:36
*** ducttape_ has quit IRC		12:37
*** diogogmt has joined #openstack-lbaas		12:37
*** neelashah has joined #openstack-lbaas		12:49
*** diogogmt has quit IRC		12:52
*** prabampm1 has quit IRC		12:54
*** dean_ has quit IRC		13:00
*** openstackgerrit has quit IRC		13:18
*** neelashah1 has joined #openstack-lbaas		13:18
*** openstackgerrit has joined #openstack-lbaas		13:19
*** neelashah has quit IRC		13:19
*** eranra__ has quit IRC		13:24
mhayden	kong: shhh :)	13:25
*** doug-fis_ has quit IRC		13:25
*** links has quit IRC		13:30
*** doug-fish has joined #openstack-lbaas		13:31
*** doug-fish has quit IRC		13:35
*** ducttape_ has joined #openstack-lbaas		13:47
*** doug-fish has joined #openstack-lbaas		13:50
*** doug-fis_ has joined #openstack-lbaas		13:52
openstackgerrit	Kobi Samoray proposed openstack/octavia: Implement custom header support for Octavia https://review.openstack.org/257901	13:54
*** doug-fish has quit IRC		13:55
*** mixos has joined #openstack-lbaas		14:07
*** mixos_ has joined #openstack-lbaas		14:09
*** mixos_ has quit IRC		14:12
*** mixos has quit IRC		14:13
johnsom	Meeting agenda for today: https://wiki.openstack.org/wiki/Octavia/Weekly_Meeting_Agenda	14:13
*** diogogmt has joined #openstack-lbaas		14:15
*** ajmiller has joined #openstack-lbaas		14:19
*** nmagnezi has quit IRC		14:24
*** Purandar has joined #openstack-lbaas		14:29
*** mixos has joined #openstack-lbaas		14:30
*** links has joined #openstack-lbaas		14:30
*** mixos has quit IRC		14:33
*** fnaval has joined #openstack-lbaas		14:35
*** armax_ has joined #openstack-lbaas		14:36
*** armax has quit IRC		14:39
*** armax_ is now known as armax		14:39
*** fnaval has quit IRC		14:40
*** dean_ has joined #openstack-lbaas		14:40
*** links has quit IRC		14:49
*** diogogmt has quit IRC		14:49
*** Alex_Stef has quit IRC		14:49
*** numans has quit IRC		15:05
*** anilvenkata has quit IRC		15:06
*** eranra has joined #openstack-lbaas		15:07
*** mixos has joined #openstack-lbaas		15:09
*** minwang2 has joined #openstack-lbaas		15:10
*** eranra has quit IRC		15:12
*** Guest23157 has quit IRC		15:21
*** diogogmt has joined #openstack-lbaas		15:31
*** woodster_ has joined #openstack-lbaas		15:32
*** minwang2 has quit IRC		15:32
*** minwang2 has joined #openstack-lbaas		15:34
*** jschwarz has quit IRC		15:39
*** armax has quit IRC		15:41
*** armax has joined #openstack-lbaas		15:42
*** permalac has joined #openstack-lbaas		15:44
*** piet has joined #openstack-lbaas		15:46
*** diogogmt has quit IRC		16:01
*** diogogmt_ has joined #openstack-lbaas		16:01
*** doug-fish has joined #openstack-lbaas		16:10
*** TrevorV\|Home has joined #openstack-lbaas		16:11
*** doug-fis_ has quit IRC		16:12
*** doug-fish has quit IRC		16:14
*** bana_k has joined #openstack-lbaas		16:15
*** kfox1111_ has joined #openstack-lbaas		16:19
*** openstack has joined #openstack-lbaas		17:07
*** ducttape_ has quit IRC		17:07
*** ducttape_ has joined #openstack-lbaas		17:08
*** ducttape_ has quit IRC		17:09
*** fawadkhaliq has quit IRC		17:10
*** ducttape_ has joined #openstack-lbaas		17:10
*** fawadkhaliq has joined #openstack-lbaas		17:11
*** ihrachys has quit IRC		17:12
*** minwang2 has joined #openstack-lbaas		17:23
*** Aish has joined #openstack-lbaas		17:25
*** piet has quit IRC		17:30
*** prabampm has joined #openstack-lbaas		17:35
*** Aish has quit IRC		17:47
*** fawadkhaliq has quit IRC		17:49
*** piet has joined #openstack-lbaas		17:50
*** fawadkhaliq has joined #openstack-lbaas		17:51
*** neelashah1 has quit IRC		17:53
*** Aish has joined #openstack-lbaas		17:57
*** piet has quit IRC		18:07
*** piet has joined #openstack-lbaas		18:07
*** piet has quit IRC		18:11
*** piet has joined #openstack-lbaas		18:11
*** neelashah has joined #openstack-lbaas		18:12
*** prabampm has quit IRC		18:12
*** fawadkhaliq has quit IRC		18:22
*** fawadkhaliq has joined #openstack-lbaas		18:23
*** mixos has quit IRC		18:24
*** davidlenwell has quit IRC		18:27
*** SumitNaiksatam has joined #openstack-lbaas		18:28
*** piet has quit IRC		18:29
*** crc32 has joined #openstack-lbaas		18:31
*** davidlenwell has joined #openstack-lbaas		18:34
*** piet has joined #openstack-lbaas		18:35
*** fnaval has joined #openstack-lbaas		18:37
*** piet has quit IRC		18:38
*** numans has joined #openstack-lbaas		18:38
*** piet has joined #openstack-lbaas		18:38
*** fnaval has quit IRC		18:41
*** krotscheck is now known as krotscheck_dcm		18:46
*** woodster_ has quit IRC		18:47
*** piet has quit IRC		18:50
*** piet has joined #openstack-lbaas		18:50
*** yamamoto has quit IRC		18:53
*** piet has quit IRC		18:56
*** mixos has joined #openstack-lbaas		18:57
*** piet has joined #openstack-lbaas		18:58
*** mixos has quit IRC		19:01
*** ducttape_ has quit IRC		19:01
*** ducttape_ has joined #openstack-lbaas		19:01
*** mixos has joined #openstack-lbaas		19:07
*** purandar_k has joined #openstack-lbaas		19:12
*** purandar_k has left #openstack-lbaas		19:13
*** crc32 has quit IRC		19:15
*** piet has quit IRC		19:20
*** piet has joined #openstack-lbaas		19:21
*** fawadkhaliq has quit IRC		19:28
*** fawadkhaliq has joined #openstack-lbaas		19:28
openstackgerrit	Michael Johnson proposed openstack/neutron-lbaas: Improve session persistence gate issue https://review.openstack.org/278874	19:50
*** piet has quit IRC		19:51
johnsom	Kick that can a bit farther down the rebase path	19:51
*** yamamoto has joined #openstack-lbaas		19:53
*** fawadkhaliq has quit IRC		19:55
johnsom	Octavia meeting starting soon on #openstack-meeting-alt	19:59
*** piet has joined #openstack-lbaas		20:02
*** yamamoto has quit IRC		20:03
*** fawadkhaliq has joined #openstack-lbaas		20:05
*** ban has joined #openstack-lbaas		20:09
*** ban is now known as Guest51388		20:09
*** numans has quit IRC		20:10
*** piet has quit IRC		20:14
*** fawadkhaliq has quit IRC		20:24
*** fawadkhaliq has joined #openstack-lbaas		20:25
kong	rm_work: in new zealand	20:25
*** openstackgerrit has quit IRC		20:48
*** openstackgerrit has joined #openstack-lbaas		20:48
*** piet has joined #openstack-lbaas		20:49
openstackgerrit	Mark Vanderwiel proposed openstack/neutron-lbaas-dashboard: fix unit tests https://review.openstack.org/296718	20:49
openstackgerrit	min wang proposed openstack/octavia: Fix the lauchpad bug #1548555 https://review.openstack.org/299623	20:54
openstack	bug 1548555 in octavia "Hardcoded default credentials for anchor" [High,New] https://launchpad.net/bugs/1548555	20:54
*** Aish has quit IRC		21:04
*** Aish has joined #openstack-lbaas		21:04
*** rtheis has quit IRC		21:05
openstackgerrit	Lucas Palm proposed openstack/neutron-lbaas-dashboard: Show the member status properties https://review.openstack.org/299629	21:06
*** neelashah has quit IRC		21:22
openstackgerrit	min wang proposed openstack/octavia: Fix the lauchpad bug #1548555 https://review.openstack.org/299623	21:23
openstack	bug 1548555 in octavia "Hardcoded default credentials for anchor" [High,New] https://launchpad.net/bugs/1548555 - Assigned to min wang (swiftwangster)	21:23
openstackgerrit	Michael Johnson proposed openstack/neutron-lbaas: Improve session persistence gate issue https://review.openstack.org/278874	21:34
*** fawadkhaliq has quit IRC		21:45
*** piet has quit IRC		21:45
*** davidlenwell has quit IRC		21:48
*** Aish has quit IRC		21:49
bharathm	sbalukoff: I am reviewing your patch. https://review.openstack.org/#/c/232173/2..3/doc/source/main/dev-quick-start.rst	21:49
bharathm	Have a question.. Do we use certs for amphora health checks too ? They are UDP with hmacs' aren't they ?	21:50
*** fawadkhaliq has joined #openstack-lbaas		21:52
*** davidlenwell has joined #openstack-lbaas		21:55
*** piet has joined #openstack-lbaas		21:58
*** Aish has joined #openstack-lbaas		21:59
sbalukoff	bharathm: That's correct, though I forget how we calculate the HMAC.	22:00
*** Aish has left #openstack-lbaas		22:00
bharathm	Ok.. because I noticed you mentioned SSL certs needed for health checks too in L233 in that url	22:02
sbalukoff	Yeah. We should probably double-check how we calculate the HMAC to see how we're seeding it with a known shared secret between the controller and amphora (SSL key would make sense here, though of course I haven't looked at that specific code).	22:03
johnsom	Health messages do not use the certs. It uses the pre-shared key and HMAC sha256	22:07
sbalukoff	How is the pre-shared key populated?	22:07
johnsom	It's in the octavia.conf	22:07
sbalukoff	So, it's not unique to each amphora?	22:07
johnsom	And loaded in the amp via config drive amphora-agent.conf	22:07
sbalukoff	So, amphora can spoof messages from each other?	22:07
sbalukoff	I smell a low-priority bug. ;)	22:08
johnsom	I think I asked for a counter but I don't know that it got implemented	22:08
sbalukoff	Ok, I'll file a bug on it. :)	22:08
sbalukoff	(This really ought not be something in a config file, just sayin')	22:08
sbalukoff	Or rather, in the controller config. Amphora config is fine, IMO.	22:09
johnsom	I think the amp ID is in there too, so a hostile amp would have to know the id of it's target	22:09
sbalukoff	Ok, that's a little better.	22:09
sbalukoff	In any case, though bharathm: My doc is wrong on that point.	22:10
*** ducttape_ has quit IRC		22:11
bharathm	Okay.. Just making sure I got the correct info :-)	22:12
johnsom	Yeah, had to look what got implemented there: https://github.com/openstack/octavia/blob/master/octavia/amphorae/backends/health_daemon/health_daemon.py	22:12
johnsom	There is a sequence (not sure it's checked) and the amp id inside the health message	22:13
sbalukoff	So it's not terrible... but it does make the perhaps unwarranted assumption that the amphora UUID will be treated as sensitive information elsewhere.	22:14
sbalukoff	johnsom: Where in that code are you seeing a signature happening?	22:15
openstackgerrit	min wang proposed openstack/octavia: Remove the default anchor usrename and password value https://review.openstack.org/299623	22:17
johnsom	The hmac is here: https://github.com/openstack/octavia/blob/master/octavia/amphorae/backends/health_daemon/status_message.py	22:18
johnsom	The previous link was the payload	22:18
sbalukoff	Oh! Ok.	22:19
*** fawadkhaliq has quit IRC		22:20
*** fawadkhaliq has joined #openstack-lbaas		22:20
*** diogogmt_ has quit IRC		22:21
*** ajmiller has quit IRC		22:28
*** ajmiller has joined #openstack-lbaas		22:30
*** Guest51388 has quit IRC		22:34
*** fawadkhaliq has quit IRC		22:34
*** fawadkhaliq has joined #openstack-lbaas		22:37
*** mixos has quit IRC		22:47
*** piet has quit IRC		22:59
*** TrevorV\|Home has quit IRC		23:00
*** fawadkhaliq has quit IRC		23:12
*** fawadkhaliq has joined #openstack-lbaas		23:14
bana_k	can you all please review this one too https://review.openstack.org/#/c/286365/ :)	23:34
xgerman	sbalukoff johnsom we definitely don’t check the sequence	23:48
xgerman	for the Health messages	23:48
johnsom	Yeah. At least it makes the messages variable	23:48
*** SumitNaiksatam has quit IRC		23:51
*** ajmiller has quit IRC		23:56

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!